alpine-server/pods/bitwarden/bitwarden-pod.yml

60 lines
No EOL
1.4 KiB
YAML

apiversion: v1
kind: Pod
metadata:
name: bitwarden-pod
annotations:
io.podman.annotations.infra.name: bitwarden-pod-infra
spec:
containers:
- name: vaultwarden
image: docker.io/vaultwarden/server:alpine
env:
- name: SIGNUPS_ALLOWED
value: false
- name: DATABASE_URL
value: "postgresql://postgres:<secret>@bitwarden-pod-postgres/vaultwarden"
- name: ROCKET_PORT
value: 3000
ports:
- containerport: 3000
hostport: 1080
protocol: TCP
volumemounts:
- mountpath: /data
name: vaultwarden-data
- mountpath: /etc/localtime
name: localtime
readonly: true
- name: postgres
image: docker.io/library/postgres:16-alpine
env:
- name: POSTGRES_PASSWORD
valuefrom:
secretkeyref:
name: bitwarden-secrets
key: postgres-password
volumemounts:
- mountpath: /dump
name: postgres-dump
- mountpath: /var/lib/postgresql/data
name: postgres-data
- mountpath: /etc/localtime
name: localtime
readonly: true
volumes:
- persistentvolumeclaim:
claimname: bitwarden-pod-vaultwarden-data
name: vaultwarden-data
- hostpath:
path: <home>/.dump/bitwarden
type: Directory
name: postgres-dump
- persistentvolumeclaim:
claimname: bitwarden-pod-postgres-data
name: postgres-data
- hostPath:
path: /etc/localtime
type: File
name: localtime